summaryrefslogtreecommitdiff
path: root/security/integrity/ima/Kconfig
diff options
context:
space:
mode:
authorMimi Zohar <zohar@linux.vnet.ibm.com>2009-02-04 09:07:00 -0500
committerJames Morris <jmorris@namei.org>2009-02-06 09:05:31 +1100
commit4af4662fa4a9dc62289c580337ae2506339c4729 (patch)
treefaec95258d2456eb35515f289eb688914ce3b54f /security/integrity/ima/Kconfig
parentbab739378758a1e2b2d7ddcee7bc06cf4c591c3c (diff)
integrity: IMA policy
Support for a user loadable policy through securityfs with support for LSM specific policy data. - free invalid rule in ima_parse_add_rule() Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Acked-by: Serge Hallyn <serue@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/integrity/ima/Kconfig')
-rw-r--r--security/integrity/ima/Kconfig6
1 files changed, 6 insertions, 0 deletions
diff --git a/security/integrity/ima/Kconfig b/security/integrity/ima/Kconfig
index 2a761c8ac996..3d2b6ee778a0 100644
--- a/security/integrity/ima/Kconfig
+++ b/security/integrity/ima/Kconfig
@@ -47,3 +47,9 @@ config IMA_AUDIT
auditing messages can be enabled with 'ima_audit=1' on
the kernel command line.
+config IMA_LSM_RULES
+ bool
+ depends on IMA && (SECURITY_SELINUX || SECURITY_SMACK)
+ default y
+ help
+ Disabling this option will disregard LSM based policy rules